search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge remote-tracking branch 'origin/master'
[unleashed/lotheac.git] / usr / src / uts / common / io / mac / mac_protect.c
bloba3a68047cc4db32445e2944c3809d7bebc135695
1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
24 * Copyright (c) 2015, Joyent, Inc. All rights reserved.
25 */
26 /*
27 * Copyright 2014 Nexenta Systems, Inc. All rights reserved.
28 */
29
30 #include <sys/cmn_err.h>
31 #include <sys/strsun.h>
32 #include <sys/sdt.h>
33 #include <sys/mac.h>
34 #include <sys/mac_impl.h>
35 #include <sys/mac_client_impl.h>
36 #include <sys/mac_client_priv.h>
37 #include <sys/ethernet.h>
38 #include <sys/vlan.h>
39 #include <sys/dlpi.h>
40 #include <sys/avl.h>
41 #include <inet/ip.h>
42 #include <inet/ip6.h>
43 #include <inet/arp.h>
44 #include <netinet/arp.h>
45 #include <netinet/udp.h>
46 #include <netinet/dhcp.h>
47 #include <netinet/dhcp6.h>
48
49 /*
50 * Implementation overview for DHCP address detection
51 *
52 * The purpose of DHCP address detection is to relieve the user of having to
53 * manually configure static IP addresses when ip-nospoof protection is turned
54 * on. To achieve this, the mac layer needs to intercept DHCP packets to
55 * determine the assigned IP addresses.
56 *
57 * A DHCP handshake between client and server typically requires at least
58 * 4 messages:
59 *
60 * 1. DISCOVER - client attempts to locate DHCP servers via a
61 * broadcast message to its subnet.
62 * 2. OFFER - server responds to client with an IP address and
63 * other parameters.
64 * 3. REQUEST - client requests the offered address.
65 * 4. ACK - server verifies that the requested address matches
66 * the one it offered.
67 *
68 * DHCPv6 behaves pretty much the same way aside from different message names.
69 *
70 * Address information is embedded in either the OFFER or REQUEST message.
71 * We chose to intercept REQUEST because this is at the last part of the
72 * handshake and it indicates that the client intends to keep the address.
73 * Intercepting OFFERs is unreliable because the client may receive multiple
74 * offers from different servers, and we can't tell which address the client
75 * will keep.
76 *
77 * Each DHCP message has a transaction ID. We use this transaction ID to match
78 * REQUESTs with ACKs received from servers.
79 *
80 * For IPv4, the process to acquire a DHCP-assigned address is as follows:
81 *
82 * 1. Client sends REQUEST. a new dhcpv4_txn_t object is created and inserted
83 * in the the mci_v4_pending_txn table (keyed by xid). This object represents
84 * a new transaction. It contains the xid, the client ID and requested IP
85 * address.
86 *
87 * 2. Server responds with an ACK. The xid from this ACK is used to lookup the
88 * pending transaction from the mci_v4_pending_txn table. Once the object is
89 * found, it is removed from the pending table and inserted into the
90 * completed table (mci_v4_completed_txn, keyed by client ID) and the dynamic
91 * IP table (mci_v4_dyn_ip, keyed by IP address).
92 *
93 * 3. An outgoing packet that goes through the ip-nospoof path will be checked
94 * against the dynamic IP table. Packets that have the assigned DHCP address
95 * as the source IP address will pass the check and be admitted onto the
96 * network.
97 *
98 * IPv4 notes:
99 *
100 * If the server never responds with an ACK, there is a timer that is set after
101 * the insertion of the transaction into the pending table. When the timer
102 * fires, it will check whether the transaction is old (by comparing current
103 * time and the txn's timestamp), if so the transaction will be freed. along
104 * with this, any transaction in the completed/dyn-ip tables matching the client
105 * ID of this stale transaction will also be freed. If the client fails to
106 * extend a lease, we want to stop the client from using any IP addresses that
107 * were granted previously.
108 *
109 * A RELEASE message from the client will not cause a transaction to be created.
110 * The client ID in the RELEASE message will be used for finding and removing
111 * transactions in the completed and dyn-ip tables.
112 *
113 *
114 * For IPv6, the process to acquire a DHCPv6-assigned address is as follows:
115 *
116 * 1. Client sends REQUEST. The DUID is extracted and stored into a dhcpv6_cid_t
117 * structure. A new transaction structure (dhcpv6_txn_t) is also created and
118 * it will point to the dhcpv6_cid_t. If an existing transaction with a
119 * matching xid is not found, this dhcpv6_txn_t will be inserted into the
120 * mci_v6_pending_txn table (keyed by xid).
121 *
122 * 2. Server responds with a REPLY. If a pending transaction is found, the
123 * addresses in the reply will be placed into the dhcpv6_cid_t pointed to by
124 * the transaction. The dhcpv6_cid_t will then be moved to the mci_v6_cid
125 * table (keyed by cid). The associated addresses will be added to the
126 * mci_v6_dyn_ip table (while still being pointed to by the dhcpv6_cid_t).
127 *
128 * 3. IPv6 ip-nospoof will now check mci_v6_dyn_ip for matching packets.
129 * Packets with a source address matching one of the DHCPv6-assigned
130 * addresses will be allowed through.
131 *
132 * IPv6 notes:
133 *
134 * The v6 code shares the same timer as v4 for scrubbing stale transactions.
135 * Just like v4, as part of removing an expired transaction, a RELEASE will be
136 * be triggered on the cid associated with the expired transaction.
137 *
138 * The data structures used for v6 are slightly different because a v6 client
139 * may have multiple addresses associated with it.
140 */
141
142 /*
143 * These are just arbitrary limits meant for preventing abuse (e.g. a user
144 * flooding the network with bogus transactions). They are not meant to be
145 * user-modifiable so they are not exposed as linkprops.
146 */
147 static ulong_t dhcp_max_pending_txn = 512;
148 static ulong_t dhcp_max_completed_txn = 512;
149 static ulong_t slaac_max_allowed = 512;
150 static hrtime_t txn_cleanup_interval = 60 * NANOSEC;
151
152 /*
153 * DHCPv4 transaction. It may be added to three different tables
154 * (keyed by different fields).
155 */
156 typedef struct dhcpv4_txn {
157 uint32_t dt_xid;
158 hrtime_t dt_timestamp;
159 uint8_t dt_cid[DHCP_MAX_OPT_SIZE];
160 uint8_t dt_cid_len;
161 ipaddr_t dt_ipaddr;
162 avl_node_t dt_node;
163 avl_node_t dt_ipnode;
164 struct dhcpv4_txn *dt_next;
165 } dhcpv4_txn_t;
166
167 /*
168 * DHCPv6 address. May be added to mci_v6_dyn_ip.
169 * It is always pointed to by its parent dhcpv6_cid_t structure.
170 */
171 typedef struct dhcpv6_addr {
172 in6_addr_t da_addr;
173 avl_node_t da_node;
174 struct dhcpv6_addr *da_next;
175 } dhcpv6_addr_t;
176
177 /*
178 * DHCPv6 client ID. May be added to mci_v6_cid.
179 * No dhcpv6_txn_t should be pointing to it after it is added to mci_v6_cid.
180 */
181 typedef struct dhcpv6_cid {
182 uchar_t *dc_cid;
183 uint_t dc_cid_len;
184 dhcpv6_addr_t *dc_addr;
185 uint_t dc_addrcnt;
186 avl_node_t dc_node;
187 } dhcpv6_cid_t;
188
189 /*
190 * DHCPv6 transaction. Unlike its v4 counterpart, this object gets freed up
191 * as soon as the transaction completes or expires.
192 */
193 typedef struct dhcpv6_txn {
194 uint32_t dt_xid;
195 hrtime_t dt_timestamp;
196 dhcpv6_cid_t *dt_cid;
197 avl_node_t dt_node;
198 struct dhcpv6_txn *dt_next;
199 } dhcpv6_txn_t;
200
201 /*
202 * Stateless address autoconfiguration (SLAAC) address. May be added to
203 * mci_v6_slaac_ip.
204 */
205 typedef struct slaac_addr {
206 in6_addr_t sla_prefix;
207 in6_addr_t sla_addr;
208 avl_node_t sla_node;
209 } slaac_addr_t;
210
211 static void start_txn_cleanup_timer(mac_client_impl_t *);
212 static boolean_t allowed_ips_set(mac_resource_props_t *, uint32_t);
213
214 #define BUMP_STAT(m, s) (m)->mci_misc_stat.mms_##s++
215
216 /*
217 * Comparison functions for the 3 AVL trees used:
218 * mci_v4_pending_txn, mci_v4_completed_txn, mci_v4_dyn_ip
219 */
220 static int
221 compare_dhcpv4_xid(const void *arg1, const void *arg2)
222 {
223 const dhcpv4_txn_t *txn1 = arg1, *txn2 = arg2;
224
225 if (txn1->dt_xid < txn2->dt_xid)
226 return (-1);
227 else if (txn1->dt_xid > txn2->dt_xid)
228 return (1);
229 else
230 return (0);
231 }
232
233 static int
234 compare_dhcpv4_cid(const void *arg1, const void *arg2)
235 {
236 const dhcpv4_txn_t *txn1 = arg1, *txn2 = arg2;
237 int ret;
238
239 if (txn1->dt_cid_len < txn2->dt_cid_len)
240 return (-1);
241 else if (txn1->dt_cid_len > txn2->dt_cid_len)
242 return (1);
243
244 if (txn1->dt_cid_len == 0)
245 return (0);
246
247 ret = memcmp(txn1->dt_cid, txn2->dt_cid, txn1->dt_cid_len);
248 if (ret < 0)
249 return (-1);
250 else if (ret > 0)
251 return (1);
252 else
253 return (0);
254 }
255
256 static int
257 compare_dhcpv4_ip(const void *arg1, const void *arg2)
258 {
259 const dhcpv4_txn_t *txn1 = arg1, *txn2 = arg2;
260
261 if (txn1->dt_ipaddr < txn2->dt_ipaddr)
262 return (-1);
263 else if (txn1->dt_ipaddr > txn2->dt_ipaddr)
264 return (1);
265 else
266 return (0);
267 }
268
269 /*
270 * Find the specified DHCPv4 option.
271 */
272 static int
273 get_dhcpv4_option(struct dhcp *dh4, uchar_t *end, uint8_t type,
274 uchar_t **opt, uint8_t *opt_len)
275 {
276 uchar_t *start = (uchar_t *)dh4->options;
277 uint8_t otype, olen;
278
279 while (start < end) {
280 if (*start == CD_PAD) {
281 start++;
282 continue;
283 }
284 if (*start == CD_END)
285 break;
286
287 otype = *start++;
288 olen = *start++;
289 if (otype == type && olen > 0) {
290 *opt = start;
291 *opt_len = olen;
292 return (0);
293 }
294 start += olen;
295 }
296 return (ENOENT);
297 }
298
299 /*
300 * Locate the start of a DHCPv4 header.
301 * The possible return values and associated meanings are:
302 * 0 - packet is DHCP and has a DHCP header.
303 * EINVAL - packet is not DHCP. the recommended action is to let it pass.
304 * ENOSPC - packet is a initial fragment that is DHCP or is unidentifiable.
305 * the recommended action is to drop it.
306 */
307 static int
308 get_dhcpv4_info(ipha_t *ipha, uchar_t *end, struct dhcp **dh4)
309 {
310 uint16_t offset_and_flags, client, server;
311 boolean_t first_frag = B_FALSE;
312 struct udphdr *udph;
313 uchar_t *dh;
314
315 if (ipha->ipha_protocol != IPPROTO_UDP)
316 return (EINVAL);
317
318 offset_and_flags = ntohs(ipha->ipha_fragment_offset_and_flags);
319 if ((offset_and_flags & (IPH_MF | IPH_OFFSET)) != 0) {
320 /*
321 * All non-initial fragments may pass because we cannot
322 * identify their type. It's safe to let them through
323 * because reassembly will fail if we decide to drop the
324 * initial fragment.
325 */
326 if (((offset_and_flags << 3) & 0xffff) != 0)
327 return (EINVAL);
328 first_frag = B_TRUE;
329 }
330 /* drop packets without a udp header */
331 udph = (struct udphdr *)((uchar_t *)ipha + IPH_HDR_LENGTH(ipha));
332 if ((uchar_t *)&udph[1] > end)
333 return (ENOSPC);
334
335 client = htons(IPPORT_BOOTPC);
336 server = htons(IPPORT_BOOTPS);
337 if (udph->uh_sport != client && udph->uh_sport != server &&
338 udph->uh_dport != client && udph->uh_dport != server)
339 return (EINVAL);
340
341 /* drop dhcp fragments */
342 if (first_frag)
343 return (ENOSPC);
344
345 dh = (uchar_t *)&udph[1];
346 if (dh + BASE_PKT_SIZE > end)
347 return (EINVAL);
348
349 *dh4 = (struct dhcp *)dh;
350 return (0);
351 }
352
353 /*
354 * Wrappers for accesses to avl trees to improve readability.
355 * Their purposes are fairly self-explanatory.
356 */
357 static dhcpv4_txn_t *
358 find_dhcpv4_pending_txn(mac_client_impl_t *mcip, uint32_t xid)
359 {
360 dhcpv4_txn_t tmp_txn;
361
362 ASSERT(MUTEX_HELD(&mcip->mci_protect_lock));
363 tmp_txn.dt_xid = xid;
364 return (avl_find(&mcip->mci_v4_pending_txn, &tmp_txn, NULL));
365 }
366
367 static int
368 insert_dhcpv4_pending_txn(mac_client_impl_t *mcip, dhcpv4_txn_t *txn)
369 {
370 avl_index_t where;
371
372 ASSERT(MUTEX_HELD(&mcip->mci_protect_lock));
373 if (avl_find(&mcip->mci_v4_pending_txn, txn, &where) != NULL)
374 return (EEXIST);
375
376 if (avl_numnodes(&mcip->mci_v4_pending_txn) >= dhcp_max_pending_txn) {
377 BUMP_STAT(mcip, dhcpdropped);
378 return (EAGAIN);
379 }
380 avl_insert(&mcip->mci_v4_pending_txn, txn, where);
381 return (0);
382 }
383
384 static void
385 remove_dhcpv4_pending_txn(mac_client_impl_t *mcip, dhcpv4_txn_t *txn)
386 {
387 ASSERT(MUTEX_HELD(&mcip->mci_protect_lock));
388 avl_remove(&mcip->mci_v4_pending_txn, txn);
389 }
390
391 static dhcpv4_txn_t *
392 find_dhcpv4_completed_txn(mac_client_impl_t *mcip, uint8_t *cid,
393 uint8_t cid_len)
394 {
395 dhcpv4_txn_t tmp_txn;
396
397 ASSERT(MUTEX_HELD(&mcip->mci_protect_lock));
398 if (cid_len > 0)
399 bcopy(cid, tmp_txn.dt_cid, cid_len);
400 tmp_txn.dt_cid_len = cid_len;
401 return (avl_find(&mcip->mci_v4_completed_txn, &tmp_txn, NULL));
402 }
403
404 /*
405 * After a pending txn is removed from the pending table, it is inserted
406 * into both the completed and dyn-ip tables. These two insertions are
407 * done together because a client ID must have 1:1 correspondence with
408 * an IP address and IP addresses must be unique in the dyn-ip table.
409 */
410 static int
411 insert_dhcpv4_completed_txn(mac_client_impl_t *mcip, dhcpv4_txn_t *txn)
412 {
413 avl_index_t where;
414
415 ASSERT(MUTEX_HELD(&mcip->mci_protect_lock));
416 if (avl_find(&mcip->mci_v4_completed_txn, txn, &where) != NULL)
417 return (EEXIST);
418
419 if (avl_numnodes(&mcip->mci_v4_completed_txn) >=
420 dhcp_max_completed_txn) {
421 BUMP_STAT(mcip, dhcpdropped);
422 return (EAGAIN);
423 }
424
425 avl_insert(&mcip->mci_v4_completed_txn, txn, where);
426 if (avl_find(&mcip->mci_v4_dyn_ip, txn, &where) != NULL) {
427 avl_remove(&mcip->mci_v4_completed_txn, txn);
428 return (EEXIST);
429 }
430 avl_insert(&mcip->mci_v4_dyn_ip, txn, where);
431 return (0);
432 }
433
434 static void
435 remove_dhcpv4_completed_txn(mac_client_impl_t *mcip, dhcpv4_txn_t *txn)
436 {
437 dhcpv4_txn_t *ctxn;
438
439 ASSERT(MUTEX_HELD(&mcip->mci_protect_lock));
440 if ((ctxn = avl_find(&mcip->mci_v4_dyn_ip, txn, NULL)) != NULL &&
441 ctxn == txn)
442 avl_remove(&mcip->mci_v4_dyn_ip, txn);
443
444 avl_remove(&mcip->mci_v4_completed_txn, txn);
445 }
446
447 /*
448 * Check whether an IP address is in the dyn-ip table.
449 */
450 static boolean_t
451 check_dhcpv4_dyn_ip(mac_client_impl_t *mcip, ipaddr_t ipaddr)
452 {
453 dhcpv4_txn_t tmp_txn, *txn;
454
455 mutex_enter(&mcip->mci_protect_lock);
456 tmp_txn.dt_ipaddr = ipaddr;
457 txn = avl_find(&mcip->mci_v4_dyn_ip, &tmp_txn, NULL);
458 mutex_exit(&mcip->mci_protect_lock);
459 return (txn != NULL);
460 }
461
462 /*
463 * Create/destroy a DHCPv4 transaction.
464 */
465 static dhcpv4_txn_t *
466 create_dhcpv4_txn(uint32_t xid, uint8_t *cid, uint8_t cid_len, ipaddr_t ipaddr)
467 {
468 dhcpv4_txn_t *txn;
469
470 if ((txn = kmem_zalloc(sizeof (*txn), KM_NOSLEEP)) == NULL)
471 return (NULL);
472
473 txn->dt_xid = xid;
474 txn->dt_timestamp = gethrtime();
475 if (cid_len > 0)
476 bcopy(cid, &txn->dt_cid, cid_len);
477 txn->dt_cid_len = cid_len;
478 txn->dt_ipaddr = ipaddr;
479 return (txn);
480 }
481
482 static void
483 free_dhcpv4_txn(dhcpv4_txn_t *txn)
484 {
485 kmem_free(txn, sizeof (*txn));
486 }
487
488 /*
489 * Clean up all v4 tables.
490 */
491 static void
492 flush_dhcpv4(mac_client_impl_t *mcip)
493 {
494 void *cookie = NULL;
495 dhcpv4_txn_t *txn;
496
497 ASSERT(MUTEX_HELD(&mcip->mci_protect_lock));
498 while ((txn = avl_destroy_nodes(&mcip->mci_v4_dyn_ip,
499 &cookie)) != NULL) {
500 /*
501 * No freeing needed here because the same txn exists
502 * in the mci_v4_completed_txn table as well.
503 */
504 }
505 cookie = NULL;
506 while ((txn = avl_destroy_nodes(&mcip->mci_v4_completed_txn,
507 &cookie)) != NULL) {
508 free_dhcpv4_txn(txn);
509 }
510 cookie = NULL;
511 while ((txn = avl_destroy_nodes(&mcip->mci_v4_pending_txn,
512 &cookie)) != NULL) {
513 free_dhcpv4_txn(txn);
514 }
515 }
516
517 /*
518 * Cleanup stale DHCPv4 transactions.
519 */
520 static void
521 txn_cleanup_v4(mac_client_impl_t *mcip)
522 {
523 dhcpv4_txn_t *txn, *ctxn, *next, *txn_list = NULL;
524
525 /*
526 * Find stale pending transactions and place them on a list
527 * to be removed.
528 */
529 for (txn = avl_first(&mcip->mci_v4_pending_txn); txn != NULL;
530 txn = avl_walk(&mcip->mci_v4_pending_txn, txn, AVL_AFTER)) {
531 if (gethrtime() - txn->dt_timestamp > txn_cleanup_interval) {
532 DTRACE_PROBE2(found__expired__txn,
533 mac_client_impl_t *, mcip,
534 dhcpv4_txn_t *, txn);
535
536 txn->dt_next = txn_list;
537 txn_list = txn;
538 }
539 }
540
541 /*
542 * Remove and free stale pending transactions and completed
543 * transactions with the same client IDs as the stale transactions.
544 */
545 for (txn = txn_list; txn != NULL; txn = next) {
546 avl_remove(&mcip->mci_v4_pending_txn, txn);
547
548 ctxn = find_dhcpv4_completed_txn(mcip, txn->dt_cid,
549 txn->dt_cid_len);
550 if (ctxn != NULL) {
551 DTRACE_PROBE2(removing__completed__txn,
552 mac_client_impl_t *, mcip,
553 dhcpv4_txn_t *, ctxn);
554
555 remove_dhcpv4_completed_txn(mcip, ctxn);
556 free_dhcpv4_txn(ctxn);
557 }
558 next = txn->dt_next;
559 txn->dt_next = NULL;
560
561 DTRACE_PROBE2(freeing__txn, mac_client_impl_t *, mcip,
562 dhcpv4_txn_t *, txn);
563 free_dhcpv4_txn(txn);
564 }
565 }
566
567 /*
568 * Core logic for intercepting outbound DHCPv4 packets.
569 */
570 static boolean_t
571 intercept_dhcpv4_outbound(mac_client_impl_t *mcip, ipha_t *ipha, uchar_t *end)
572 {
573 struct dhcp *dh4;
574 uchar_t *opt;
575 dhcpv4_txn_t *txn, *ctxn;
576 ipaddr_t ipaddr;
577 uint8_t opt_len, mtype, cid[DHCP_MAX_OPT_SIZE], cid_len;
578 mac_resource_props_t *mrp = MCIP_RESOURCE_PROPS(mcip);
579
580 if (get_dhcpv4_info(ipha, end, &dh4) != 0)
581 return (B_TRUE);
582
583 /* ip_nospoof/allowed-ips and DHCP are mutually exclusive by default */
584 if (allowed_ips_set(mrp, IPV4_VERSION))
585 return (B_FALSE);
586
587 if (get_dhcpv4_option(dh4, end, CD_DHCP_TYPE, &opt, &opt_len) != 0 ||
588 opt_len != 1) {
589 DTRACE_PROBE2(mtype__not__found, mac_client_impl_t *, mcip,
590 struct dhcp *, dh4);
591 return (B_TRUE);
592 }
593 mtype = *opt;
594 if (mtype != REQUEST && mtype != RELEASE) {
595 DTRACE_PROBE3(ignored__mtype, mac_client_impl_t *, mcip,
596 struct dhcp *, dh4, uint8_t, mtype);
597 return (B_TRUE);
598 }
599
600 /* client ID is optional for IPv4 */
601 if (get_dhcpv4_option(dh4, end, CD_CLIENT_ID, &opt, &opt_len) == 0 &&
602 opt_len >= 2) {
603 bcopy(opt, cid, opt_len);
604 cid_len = opt_len;
605 } else {
606 bzero(cid, DHCP_MAX_OPT_SIZE);
607 cid_len = 0;
608 }
609
610 mutex_enter(&mcip->mci_protect_lock);
611 if (mtype == RELEASE) {
612 DTRACE_PROBE2(release, mac_client_impl_t *, mcip,
613 struct dhcp *, dh4);
614
615 /* flush any completed txn with this cid */
616 ctxn = find_dhcpv4_completed_txn(mcip, cid, cid_len);
617 if (ctxn != NULL) {
618 DTRACE_PROBE2(release__successful, mac_client_impl_t *,
619 mcip, struct dhcp *, dh4);
620
621 remove_dhcpv4_completed_txn(mcip, ctxn);
622 free_dhcpv4_txn(ctxn);
623 }
624 goto done;
625 }
626
627 /*
628 * If a pending txn already exists, we'll update its timestamp so
629 * it won't get flushed by the timer. We don't need to create new
630 * txns for retransmissions.
631 */
632 if ((txn = find_dhcpv4_pending_txn(mcip, dh4->xid)) != NULL) {
633 DTRACE_PROBE2(update, mac_client_impl_t *, mcip,
634 dhcpv4_txn_t *, txn);
635 txn->dt_timestamp = gethrtime();
636 goto done;
637 }
638
639 if (get_dhcpv4_option(dh4, end, CD_REQUESTED_IP_ADDR,
640 &opt, &opt_len) != 0 || opt_len != sizeof (ipaddr)) {
641 DTRACE_PROBE2(ipaddr__not__found, mac_client_impl_t *, mcip,
642 struct dhcp *, dh4);
643 goto done;
644 }
645 bcopy(opt, &ipaddr, sizeof (ipaddr));
646 if ((txn = create_dhcpv4_txn(dh4->xid, cid, cid_len, ipaddr)) == NULL)
647 goto done;
648
649 if (insert_dhcpv4_pending_txn(mcip, txn) != 0) {
650 DTRACE_PROBE2(insert__failed, mac_client_impl_t *, mcip,
651 dhcpv4_txn_t *, txn);
652 free_dhcpv4_txn(txn);
653 goto done;
654 }
655 start_txn_cleanup_timer(mcip);
656
657 DTRACE_PROBE2(txn__pending, mac_client_impl_t *, mcip,
658 dhcpv4_txn_t *, txn);
659
660 done:
661 mutex_exit(&mcip->mci_protect_lock);
662 return (B_TRUE);
663 }
664
665 /*
666 * Core logic for intercepting inbound DHCPv4 packets.
667 */
668 static void
669 intercept_dhcpv4_inbound(mac_client_impl_t *mcip, uchar_t *end,
670 struct dhcp *dh4)
671 {
672 uchar_t *opt;
673 dhcpv4_txn_t *txn, *ctxn;
674 uint8_t opt_len, mtype;
675
676 if (get_dhcpv4_option(dh4, end, CD_DHCP_TYPE, &opt, &opt_len) != 0 ||
677 opt_len != 1) {
678 DTRACE_PROBE2(mtype__not__found, mac_client_impl_t *, mcip,
679 struct dhcp *, dh4);
680 return;
681 }
682 mtype = *opt;
683 if (mtype != ACK && mtype != NAK) {
684 DTRACE_PROBE3(ignored__mtype, mac_client_impl_t *, mcip,
685 struct dhcp *, dh4, uint8_t, mtype);
686 return;
687 }
688
689 mutex_enter(&mcip->mci_protect_lock);
690 if ((txn = find_dhcpv4_pending_txn(mcip, dh4->xid)) == NULL) {
691 DTRACE_PROBE2(txn__not__found, mac_client_impl_t *, mcip,
692 struct dhcp *, dh4);
693 goto done;
694 }
695 remove_dhcpv4_pending_txn(mcip, txn);
696
697 /*
698 * We're about to move a txn from the pending table to the completed/
699 * dyn-ip tables. If there is an existing completed txn with the
700 * same cid as our txn, we need to remove and free it.
701 */
702 ctxn = find_dhcpv4_completed_txn(mcip, txn->dt_cid, txn->dt_cid_len);
703 if (ctxn != NULL) {
704 DTRACE_PROBE2(replacing__old__txn, mac_client_impl_t *, mcip,
705 dhcpv4_txn_t *, ctxn);
706 remove_dhcpv4_completed_txn(mcip, ctxn);
707 free_dhcpv4_txn(ctxn);
708 }
709 if (mtype == NAK) {
710 DTRACE_PROBE2(nak__received, mac_client_impl_t *, mcip,
711 dhcpv4_txn_t *, txn);
712 free_dhcpv4_txn(txn);
713 goto done;
714 }
715 if (insert_dhcpv4_completed_txn(mcip, txn) != 0) {
716 DTRACE_PROBE2(insert__failed, mac_client_impl_t *, mcip,
717 dhcpv4_txn_t *, txn);
718 free_dhcpv4_txn(txn);
719 goto done;
720 }
721 DTRACE_PROBE2(txn__completed, mac_client_impl_t *, mcip,
722 dhcpv4_txn_t *, txn);
723
724 done:
725 mutex_exit(&mcip->mci_protect_lock);
726 }
727
728
729 /*
730 * Comparison functions for the DHCPv6 AVL trees.
731 */
732 static int
733 compare_dhcpv6_xid(const void *arg1, const void *arg2)
734 {
735 const dhcpv6_txn_t *txn1 = arg1, *txn2 = arg2;
736
737 if (txn1->dt_xid < txn2->dt_xid)
738 return (-1);
739 else if (txn1->dt_xid > txn2->dt_xid)
740 return (1);
741 else
742 return (0);
743 }
744
745 static int
746 compare_dhcpv6_ip(const void *arg1, const void *arg2)
747 {
748 const dhcpv6_addr_t *ip1 = arg1, *ip2 = arg2;
749 int ret;
750
751 ret = memcmp(&ip1->da_addr, &ip2->da_addr, sizeof (in6_addr_t));
752 if (ret < 0)
753 return (-1);
754 else if (ret > 0)
755 return (1);
756 else
757 return (0);
758 }
759
760 static int
761 compare_dhcpv6_cid(const void *arg1, const void *arg2)
762 {
763 const dhcpv6_cid_t *cid1 = arg1, *cid2 = arg2;
764 int ret;
765
766 if (cid1->dc_cid_len < cid2->dc_cid_len)
767 return (-1);
768 else if (cid1->dc_cid_len > cid2->dc_cid_len)
769 return (1);
770
771 if (cid1->dc_cid_len == 0)
772 return (0);
773
774 ret = memcmp(cid1->dc_cid, cid2->dc_cid, cid1->dc_cid_len);
775 if (ret < 0)
776 return (-1);
777 else if (ret > 0)
778 return (1);
779 else
780 return (0);
781 }
782
783 static int
784 compare_slaac_ip(const void *arg1, const void *arg2)
785 {
786 const slaac_addr_t *ip1 = arg1, *ip2 = arg2;
787 int ret;
788
789 ret = memcmp(&ip1->sla_addr, &ip2->sla_addr, sizeof (in6_addr_t));
790 if (ret < 0)
791 return (-1);
792 else if (ret > 0)
793 return (1);
794 else
795 return (0);
796 }
797
798 /*
799 * Locate the start of a DHCPv6 header.
800 * The possible return values and associated meanings are:
801 * 0 - packet is DHCP and has a DHCP header.
802 * EINVAL - packet is not DHCP. the recommended action is to let it pass.
803 * ENOSPC - packet is a initial fragment that is DHCP or is unidentifiable.
804 * the recommended action is to drop it.
805 */
806 static int
807 get_dhcpv6_info(ip6_t *ip6h, uchar_t *end, dhcpv6_message_t **dh6)
808 {
809 uint16_t hdrlen, client, server;
810 boolean_t first_frag = B_FALSE;
811 ip6_frag_t *frag = NULL;
812 uint8_t proto;
813 struct udphdr *udph;
814 uchar_t *dh;
815
816 if (!mac_ip_hdr_length_v6(ip6h, end, &hdrlen, &proto, &frag))
817 return (ENOSPC);
818
819 if (proto != IPPROTO_UDP)
820 return (EINVAL);
821
822 if (frag != NULL) {
823 /*
824 * All non-initial fragments may pass because we cannot
825 * identify their type. It's safe to let them through
826 * because reassembly will fail if we decide to drop the
827 * initial fragment.
828 */
829 if ((ntohs(frag->ip6f_offlg) & ~7) != 0)
830 return (EINVAL);
831 first_frag = B_TRUE;
832 }
833 /* drop packets without a udp header */
834 udph = (struct udphdr *)((uchar_t *)ip6h + hdrlen);
835 if ((uchar_t *)&udph[1] > end)
836 return (ENOSPC);
837
838 client = htons(IPPORT_DHCPV6C);
839 server = htons(IPPORT_DHCPV6S);
840 if (udph->uh_sport != client && udph->uh_sport != server &&
841 udph->uh_dport != client && udph->uh_dport != server)
842 return (EINVAL);
843
844 /* drop dhcp fragments */
845 if (first_frag)
846 return (ENOSPC);
847
848 dh = (uchar_t *)&udph[1];
849 if (dh + sizeof (dhcpv6_message_t) > end)
850 return (EINVAL);
851
852 *dh6 = (dhcpv6_message_t *)dh;
853 return (0);
854 }
855
856 static int
857 get_ra_info(ip6_t *ip6h, uchar_t *end, nd_router_advert_t **ra)
858 {
859 uint16_t hdrlen;
860 ip6_frag_t *frag = NULL;
861 uint8_t proto;
862 uchar_t *hdrp;
863 struct icmp6_hdr *icmp;
864
865 if (!mac_ip_hdr_length_v6(ip6h, end, &hdrlen, &proto, &frag))
866 return (ENOSPC);
867
868 if (proto != IPPROTO_ICMPV6)
869 return (EINVAL);
870
871 if (frag != NULL) {
872 /*
873 * All non-initial fragments may pass because we cannot
874 * identify their type. It's safe to let them through
875 * because reassembly will fail if we decide to drop the
876 * initial fragment.
877 */
878 if ((ntohs(frag->ip6f_offlg) & ~7) != 0)
879 return (EINVAL);
880 return (ENOSPC);
881 }
882
883 /*
884 * Ensure that the ICMP header falls w/in packet boundaries, in case
885 * we've received a malicious packet that reports incorrect lengths.
886 */
887 hdrp = (uchar_t *)ip6h + hdrlen;
888 if ((hdrp + sizeof (struct icmp6_hdr)) > end) {
889 return (EINVAL);
890 }
891 icmp = (struct icmp6_hdr *)hdrp;
892
893 if (icmp->icmp6_type != ND_ROUTER_ADVERT ||
894 icmp->icmp6_code != 0)
895 return (EINVAL);
896
897 *ra = (nd_router_advert_t *)icmp;
898 return (0);
899 }
900
901 /*
902 * Find the specified DHCPv6 option.
903 */
904 static dhcpv6_option_t *
905 get_dhcpv6_option(void *buf, size_t buflen, dhcpv6_option_t *oldopt,
906 uint16_t codenum, uint_t *retlenp)
907 {
908 uchar_t *bp;
909 dhcpv6_option_t d6o;
910 uint_t olen;
911
912 codenum = htons(codenum);
913 bp = buf;
914 while (buflen >= sizeof (dhcpv6_option_t)) {
915 bcopy(bp, &d6o, sizeof (d6o));
916 olen = ntohs(d6o.d6o_len) + sizeof (d6o);
917 if (olen > buflen)
918 break;
919 if (d6o.d6o_code != codenum || d6o.d6o_len == 0 ||
920 (oldopt != NULL && bp <= (uchar_t *)oldopt)) {
921 bp += olen;
922 buflen -= olen;
923 continue;
924 }
925 if (retlenp != NULL)
926 *retlenp = olen;
927 /* LINTED : alignment */
928 return ((dhcpv6_option_t *)bp);
929 }
930 return (NULL);
931 }
932
933 /*
934 * Get the status code from a reply message.
935 */
936 static int
937 get_dhcpv6_status(dhcpv6_message_t *dh6, uchar_t *end, uint16_t *status)
938 {
939 dhcpv6_option_t *d6o;
940 uint_t olen;
941 uint16_t s;
942
943 d6o = get_dhcpv6_option(&dh6[1], end - (uchar_t *)&dh6[1], NULL,
944 DHCPV6_OPT_STATUS_CODE, &olen);
945
946 /* Success is implied if status code is missing */
947 if (d6o == NULL) {
948 *status = DHCPV6_STAT_SUCCESS;
949 return (0);
950 }
951 if ((uchar_t *)d6o + olen > end)
952 return (EINVAL);
953
954 olen -= sizeof (*d6o);
955 if (olen < sizeof (s))
956 return (EINVAL);
957
958 bcopy(&d6o[1], &s, sizeof (s));
959 *status = ntohs(s);
960 return (0);
961 }
962
963 /*
964 * Get the addresses from a reply message.
965 */
966 static int
967 get_dhcpv6_addrs(dhcpv6_message_t *dh6, uchar_t *end, dhcpv6_cid_t *cid)
968 {
969 dhcpv6_option_t *d6o;
970 dhcpv6_addr_t *next;
971 uint_t olen;
972
973 d6o = NULL;
974 while ((d6o = get_dhcpv6_option(&dh6[1], end - (uchar_t *)&dh6[1],
975 d6o, DHCPV6_OPT_IA_NA, &olen)) != NULL) {
976 dhcpv6_option_t *d6so;
977 dhcpv6_iaaddr_t d6ia;
978 dhcpv6_addr_t **addrp;
979 uchar_t *obase;
980 uint_t solen;
981
982 if (olen < sizeof (dhcpv6_ia_na_t) ||
983 (uchar_t *)d6o + olen > end)
984 goto fail;
985
986 obase = (uchar_t *)d6o + sizeof (dhcpv6_ia_na_t);
987 olen -= sizeof (dhcpv6_ia_na_t);
988 d6so = NULL;
989 while ((d6so = get_dhcpv6_option(obase, olen, d6so,
990 DHCPV6_OPT_IAADDR, &solen)) != NULL) {
991 if (solen < sizeof (dhcpv6_iaaddr_t) ||
992 (uchar_t *)d6so + solen > end)
993 goto fail;
994
995 bcopy(d6so, &d6ia, sizeof (d6ia));
996 for (addrp = &cid->dc_addr; *addrp != NULL;
997 addrp = &(*addrp)->da_next) {
998 if (bcmp(&(*addrp)->da_addr, &d6ia.d6ia_addr,
999 sizeof (in6_addr_t)) == 0)
1000 goto fail;
1001 }
1002 if ((*addrp = kmem_zalloc(sizeof (dhcpv6_addr_t),
1003 KM_NOSLEEP)) == NULL)
1004 goto fail;
1005
1006 bcopy(&d6ia.d6ia_addr, &(*addrp)->da_addr,
1007 sizeof (in6_addr_t));
1008 cid->dc_addrcnt++;
1009 }
1010 }
1011 if (cid->dc_addrcnt == 0)
1012 return (ENOENT);
1013
1014 return (0);
1015
1016 fail:
1017 for (; cid->dc_addr != NULL; cid->dc_addr = next) {
1018 next = cid->dc_addr->da_next;
1019 kmem_free(cid->dc_addr, sizeof (dhcpv6_addr_t));
1020 cid->dc_addrcnt--;
1021 }
1022 ASSERT(cid->dc_addrcnt == 0);
1023 return (EINVAL);
1024 }
1025
1026 /*
1027 * Free a cid.
1028 * Before this gets called the caller must ensure that all the
1029 * addresses are removed from the mci_v6_dyn_ip table.
1030 */
1031 static void
1032 free_dhcpv6_cid(dhcpv6_cid_t *cid)
1033 {
1034 dhcpv6_addr_t *addr, *next;
1035 uint_t cnt = 0;
1036
1037 kmem_free(cid->dc_cid, cid->dc_cid_len);
1038 for (addr = cid->dc_addr; addr != NULL; addr = next) {
1039 next = addr->da_next;
1040 kmem_free(addr, sizeof (*addr));
1041 cnt++;
1042 }
1043 ASSERT(cnt == cid->dc_addrcnt);
1044 kmem_free(cid, sizeof (*cid));
1045 }
1046
1047 /*
1048 * Extract the DUID from a message. The associated addresses will be
1049 * extracted later from the reply message.
1050 */
1051 static dhcpv6_cid_t *
1052 create_dhcpv6_cid(dhcpv6_message_t *dh6, uchar_t *end)
1053 {
1054 dhcpv6_option_t *d6o;
1055 dhcpv6_cid_t *cid;
1056 uchar_t *rawcid;
1057 uint_t olen, rawcidlen;
1058
1059 d6o = get_dhcpv6_option(&dh6[1], end - (uchar_t *)&dh6[1], NULL,
1060 DHCPV6_OPT_CLIENTID, &olen);
1061 if (d6o == NULL || (uchar_t *)d6o + olen > end)
1062 return (NULL);
1063
1064 rawcidlen = olen - sizeof (*d6o);
1065 if ((rawcid = kmem_zalloc(rawcidlen, KM_NOSLEEP)) == NULL)
1066 return (NULL);
1067 bcopy(d6o + 1, rawcid, rawcidlen);
1068
1069 if ((cid = kmem_zalloc(sizeof (*cid), KM_NOSLEEP)) == NULL) {
1070 kmem_free(rawcid, rawcidlen);
1071 return (NULL);
1072 }
1073 cid->dc_cid = rawcid;
1074 cid->dc_cid_len = rawcidlen;
1075 return (cid);
1076 }
1077
1078 /*
1079 * Remove a cid from mci_v6_cid. The addresses owned by the cid
1080 * are also removed from mci_v6_dyn_ip.
1081 */
1082 static void
1083 remove_dhcpv6_cid(mac_client_impl_t *mcip, dhcpv6_cid_t *cid)
1084 {
1085 dhcpv6_addr_t *addr, *tmp_addr;
1086
1087 ASSERT(MUTEX_HELD(&mcip->mci_protect_lock));
1088 avl_remove(&mcip->mci_v6_cid, cid);
1089 for (addr = cid->dc_addr; addr != NULL; addr = addr->da_next) {
1090 tmp_addr = avl_find(&mcip->mci_v6_dyn_ip, addr, NULL);
1091 if (tmp_addr == addr)
1092 avl_remove(&mcip->mci_v6_dyn_ip, addr);
1093 }
1094 }
1095
1096 /*
1097 * Find and remove a matching cid and associated addresses from
1098 * their respective tables.
1099 */
1100 static void
1101 release_dhcpv6_cid(mac_client_impl_t *mcip, dhcpv6_cid_t *cid)
1102 {
1103 dhcpv6_cid_t *oldcid;
1104
1105 ASSERT(MUTEX_HELD(&mcip->mci_protect_lock));
1106 if ((oldcid = avl_find(&mcip->mci_v6_cid, cid, NULL)) == NULL)
1107 return;
1108
1109 /*
1110 * Since cid belongs to a pending txn, it can't possibly be in
1111 * mci_v6_cid. Anything that's found must be an existing cid.
1112 */
1113 ASSERT(oldcid != cid);
1114 remove_dhcpv6_cid(mcip, oldcid);
1115 free_dhcpv6_cid(oldcid);
1116 }
1117
1118 /*
1119 * Insert cid into mci_v6_cid.
1120 */
1121 static int
1122 insert_dhcpv6_cid(mac_client_impl_t *mcip, dhcpv6_cid_t *cid)
1123 {
1124 avl_index_t where;
1125 dhcpv6_addr_t *addr;
1126
1127 ASSERT(MUTEX_HELD(&mcip->mci_protect_lock));
1128 if (avl_find(&mcip->mci_v6_cid, cid, &where) != NULL)
1129 return (EEXIST);
1130
1131 if (avl_numnodes(&mcip->mci_v6_cid) >= dhcp_max_completed_txn) {
1132 BUMP_STAT(mcip, dhcpdropped);
1133 return (EAGAIN);
1134 }
1135 avl_insert(&mcip->mci_v6_cid, cid, where);
1136 for (addr = cid->dc_addr; addr != NULL; addr = addr->da_next) {
1137 if (avl_find(&mcip->mci_v6_dyn_ip, addr, &where) != NULL)
1138 goto fail;
1139
1140 avl_insert(&mcip->mci_v6_dyn_ip, addr, where);
1141 }
1142 return (0);
1143
1144 fail:
1145 remove_dhcpv6_cid(mcip, cid);
1146 return (EEXIST);
1147 }
1148
1149 /*
1150 * Check whether an IP address is in the dyn-ip table.
1151 */
1152 static boolean_t
1153 check_dhcpv6_dyn_ip(mac_client_impl_t *mcip, in6_addr_t *addr)
1154 {
1155 dhcpv6_addr_t tmp_addr, *a;
1156
1157 mutex_enter(&mcip->mci_protect_lock);
1158 bcopy(addr, &tmp_addr.da_addr, sizeof (in6_addr_t));
1159 a = avl_find(&mcip->mci_v6_dyn_ip, &tmp_addr, NULL);
1160 mutex_exit(&mcip->mci_protect_lock);
1161 return (a != NULL);
1162 }
1163
1164 static dhcpv6_txn_t *
1165 find_dhcpv6_pending_txn(mac_client_impl_t *mcip, uint32_t xid)
1166 {
1167 dhcpv6_txn_t tmp_txn;
1168
1169 ASSERT(MUTEX_HELD(&mcip->mci_protect_lock));
1170 tmp_txn.dt_xid = xid;
1171 return (avl_find(&mcip->mci_v6_pending_txn, &tmp_txn, NULL));
1172 }
1173
1174 static void
1175 remove_dhcpv6_pending_txn(mac_client_impl_t *mcip, dhcpv6_txn_t *txn)
1176 {
1177 ASSERT(MUTEX_HELD(&mcip->mci_protect_lock));
1178 avl_remove(&mcip->mci_v6_pending_txn, txn);
1179 }
1180
1181 static dhcpv6_txn_t *
1182 create_dhcpv6_txn(uint32_t xid, dhcpv6_cid_t *cid)
1183 {
1184 dhcpv6_txn_t *txn;
1185
1186 if ((txn = kmem_zalloc(sizeof (dhcpv6_txn_t), KM_NOSLEEP)) == NULL)
1187 return (NULL);
1188
1189 txn->dt_xid = xid;
1190 txn->dt_cid = cid;
1191 txn->dt_timestamp = gethrtime();
1192 return (txn);
1193 }
1194
1195 static void
1196 free_dhcpv6_txn(dhcpv6_txn_t *txn)
1197 {
1198 if (txn->dt_cid != NULL)
1199 free_dhcpv6_cid(txn->dt_cid);
1200 kmem_free(txn, sizeof (dhcpv6_txn_t));
1201 }
1202
1203 static int
1204 insert_dhcpv6_pending_txn(mac_client_impl_t *mcip, dhcpv6_txn_t *txn)
1205 {
1206 avl_index_t where;
1207
1208 ASSERT(MUTEX_HELD(&mcip->mci_protect_lock));
1209 if (avl_find(&mcip->mci_v6_pending_txn, txn, &where) != NULL)
1210 return (EEXIST);
1211
1212 if (avl_numnodes(&mcip->mci_v6_pending_txn) >= dhcp_max_pending_txn) {
1213 BUMP_STAT(mcip, dhcpdropped);
1214 return (EAGAIN);
1215 }
1216 avl_insert(&mcip->mci_v6_pending_txn, txn, where);
1217 return (0);
1218 }
1219
1220 /*
1221 * Clean up all v6 tables.
1222 */
1223 static void
1224 flush_dhcpv6(mac_client_impl_t *mcip)
1225 {
1226 void *cookie = NULL;
1227 dhcpv6_cid_t *cid;
1228 dhcpv6_txn_t *txn;
1229
1230 ASSERT(MUTEX_HELD(&mcip->mci_protect_lock));
1231 while (avl_destroy_nodes(&mcip->mci_v6_dyn_ip, &cookie) != NULL) {
1232 }
1233 cookie = NULL;
1234 while ((cid = avl_destroy_nodes(&mcip->mci_v6_cid, &cookie)) != NULL) {
1235 free_dhcpv6_cid(cid);
1236 }
1237 cookie = NULL;
1238 while ((txn = avl_destroy_nodes(&mcip->mci_v6_pending_txn,
1239 &cookie)) != NULL) {
1240 free_dhcpv6_txn(txn);
1241 }
1242 }
1243
1244 void
1245 flush_slaac(mac_client_impl_t *mcip)
1246 {
1247 void *cookie = NULL;
1248 slaac_addr_t *addr = NULL;
1249
1250 while ((addr = avl_destroy_nodes(&mcip->mci_v6_slaac_ip, &cookie)) !=
1251 NULL) {
1252 kmem_free(addr, sizeof (slaac_addr_t));
1253 }
1254 }
1255
1256 /*
1257 * Cleanup stale DHCPv6 transactions.
1258 */
1259 static void
1260 txn_cleanup_v6(mac_client_impl_t *mcip)
1261 {
1262 dhcpv6_txn_t *txn, *next, *txn_list = NULL;
1263
1264 /*
1265 * Find stale pending transactions and place them on a list
1266 * to be removed.
1267 */
1268 for (txn = avl_first(&mcip->mci_v6_pending_txn); txn != NULL;
1269 txn = avl_walk(&mcip->mci_v6_pending_txn, txn, AVL_AFTER)) {
1270 if (gethrtime() - txn->dt_timestamp > txn_cleanup_interval) {
1271 DTRACE_PROBE2(found__expired__txn,
1272 mac_client_impl_t *, mcip,
1273 dhcpv6_txn_t *, txn);
1274
1275 txn->dt_next = txn_list;
1276 txn_list = txn;
1277 }
1278 }
1279
1280 /*
1281 * Remove and free stale pending transactions.
1282 * Release any existing cids matching the stale transactions.
1283 */
1284 for (txn = txn_list; txn != NULL; txn = next) {
1285 avl_remove(&mcip->mci_v6_pending_txn, txn);
1286 release_dhcpv6_cid(mcip, txn->dt_cid);
1287 next = txn->dt_next;
1288 txn->dt_next = NULL;
1289
1290 DTRACE_PROBE2(freeing__txn, mac_client_impl_t *, mcip,
1291 dhcpv6_txn_t *, txn);
1292 free_dhcpv6_txn(txn);
1293 }
1294
1295 }
1296
1297 /*
1298 * Core logic for intercepting outbound DHCPv6 packets.
1299 */
1300 static boolean_t
1301 intercept_dhcpv6_outbound(mac_client_impl_t *mcip, ip6_t *ip6h, uchar_t *end)
1302 {
1303 dhcpv6_message_t *dh6;
1304 dhcpv6_txn_t *txn;
1305 dhcpv6_cid_t *cid = NULL;
1306 uint32_t xid;
1307 uint8_t mtype;
1308 mac_resource_props_t *mrp = MCIP_RESOURCE_PROPS(mcip);
1309
1310 if (get_dhcpv6_info(ip6h, end, &dh6) != 0)
1311 return (B_TRUE);
1312
1313 /* ip_nospoof/allowed-ips and DHCP are mutually exclusive by default */
1314 if (allowed_ips_set(mrp, IPV6_VERSION))
1315 return (B_FALSE);
1316
1317 /*
1318 * We want to act on packets that result in DHCPv6 Reply messages, or
1319 * on packets that give up an IPv6 address. For example, a Request or
1320 * Solicit (w/ the Rapid Commit option) will cause the server to send a
1321 * Reply, ending the transaction.
1322 */
1323 mtype = dh6->d6m_msg_type;
1324 if (mtype != DHCPV6_MSG_SOLICIT && mtype != DHCPV6_MSG_REQUEST &&
1325 mtype != DHCPV6_MSG_RENEW && mtype != DHCPV6_MSG_REBIND &&
1326 mtype != DHCPV6_MSG_RELEASE)
1327 return (B_TRUE);
1328
1329 if ((cid = create_dhcpv6_cid(dh6, end)) == NULL)
1330 return (B_TRUE);
1331
1332 mutex_enter(&mcip->mci_protect_lock);
1333 if (mtype == DHCPV6_MSG_RELEASE) {
1334 release_dhcpv6_cid(mcip, cid);
1335 goto done;
1336 }
1337 xid = DHCPV6_GET_TRANSID(dh6);
1338 if ((txn = find_dhcpv6_pending_txn(mcip, xid)) != NULL) {
1339 DTRACE_PROBE2(update, mac_client_impl_t *, mcip,
1340 dhcpv6_txn_t *, txn);
1341 txn->dt_timestamp = gethrtime();
1342 goto done;
1343 }
1344 if ((txn = create_dhcpv6_txn(xid, cid)) == NULL)
1345 goto done;
1346
1347 cid = NULL;
1348 if (insert_dhcpv6_pending_txn(mcip, txn) != 0) {
1349 DTRACE_PROBE2(insert__failed, mac_client_impl_t *, mcip,
1350 dhcpv6_txn_t *, txn);
1351 free_dhcpv6_txn(txn);
1352 goto done;
1353 }
1354 start_txn_cleanup_timer(mcip);
1355
1356 DTRACE_PROBE2(txn__pending, mac_client_impl_t *, mcip,
1357 dhcpv6_txn_t *, txn);
1358
1359 done:
1360 if (cid != NULL)
1361 free_dhcpv6_cid(cid);
1362
1363 mutex_exit(&mcip->mci_protect_lock);
1364 return (B_TRUE);
1365 }
1366
1367 /*
1368 * Core logic for intercepting inbound DHCPv6 packets.
1369 */
1370 static void
1371 intercept_dhcpv6_inbound(mac_client_impl_t *mcip, uchar_t *end,
1372 dhcpv6_message_t *dh6)
1373 {
1374 dhcpv6_txn_t *txn;
1375 uint32_t xid;
1376 uint8_t mtype;
1377 uint16_t status;
1378
1379 mtype = dh6->d6m_msg_type;
1380 if (mtype != DHCPV6_MSG_REPLY)
1381 return;
1382
1383 mutex_enter(&mcip->mci_protect_lock);
1384 xid = DHCPV6_GET_TRANSID(dh6);
1385 if ((txn = find_dhcpv6_pending_txn(mcip, xid)) == NULL) {
1386 DTRACE_PROBE2(txn__not__found, mac_client_impl_t *, mcip,
1387 dhcpv6_message_t *, dh6);
1388 goto done;
1389 }
1390 remove_dhcpv6_pending_txn(mcip, txn);
1391 release_dhcpv6_cid(mcip, txn->dt_cid);
1392
1393 if (get_dhcpv6_status(dh6, end, &status) != 0 ||
1394 status != DHCPV6_STAT_SUCCESS) {
1395 DTRACE_PROBE2(error__status, mac_client_impl_t *, mcip,
1396 dhcpv6_txn_t *, txn);
1397 goto done;
1398 }
1399 if (get_dhcpv6_addrs(dh6, end, txn->dt_cid) != 0) {
1400 DTRACE_PROBE2(no__addrs, mac_client_impl_t *, mcip,
1401 dhcpv6_txn_t *, txn);
1402 goto done;
1403 }
1404 if (insert_dhcpv6_cid(mcip, txn->dt_cid) != 0) {
1405 DTRACE_PROBE2(insert__failed, mac_client_impl_t *, mcip,
1406 dhcpv6_txn_t *, txn);
1407 goto done;
1408 }
1409 DTRACE_PROBE2(txn__completed, mac_client_impl_t *, mcip,
1410 dhcpv6_txn_t *, txn);
1411
1412 txn->dt_cid = NULL;
1413
1414 done:
1415 if (txn != NULL)
1416 free_dhcpv6_txn(txn);
1417 mutex_exit(&mcip->mci_protect_lock);
1418 }
1419
1420 /*
1421 * Check whether an IP address is in the SLAAC table.
1422 */
1423 static boolean_t
1424 check_slaac_ip(mac_client_impl_t *mcip, in6_addr_t *addr)
1425 {
1426 slaac_addr_t tmp_addr, *a;
1427
1428 mutex_enter(&mcip->mci_protect_lock);
1429 bcopy(addr, &tmp_addr.sla_addr, sizeof (in6_addr_t));
1430 a = avl_find(&mcip->mci_v6_slaac_ip, &tmp_addr, NULL);
1431 mutex_exit(&mcip->mci_protect_lock);
1432 return (a != NULL);
1433 }
1434
1435 static boolean_t
1436 insert_slaac_ip(avl_tree_t *tree, in6_addr_t *token, slaac_addr_t *addr)
1437 {
1438 uint_t i;
1439 avl_index_t where;
1440 in6_addr_t *prefix = &addr->sla_prefix;
1441 in6_addr_t *in6p = &addr->sla_addr;
1442
1443 bcopy(prefix, in6p, sizeof (struct in6_addr));
1444
1445 for (i = 0; i < 4; i++) {
1446 in6p->s6_addr32[i] = token->s6_addr32[i] |
1447 in6p->s6_addr32[i];
1448 }
1449
1450 DTRACE_PROBE1(generated__addr, in6_addr_t *, in6p);
1451
1452 if (avl_find(tree, addr, &where) != NULL)
1453 return (B_FALSE);
1454
1455 avl_insert(tree, addr, where);
1456 return (B_TRUE);
1457 }
1458
1459 static void
1460 insert_slaac_prefix(mac_client_impl_t *mcip, nd_opt_prefix_info_t *po)
1461 {
1462 slaac_addr_t *addr = NULL;
1463 in6_addr_t *token = &mcip->mci_v6_mac_token;
1464
1465 ASSERT(MUTEX_HELD(&mcip->mci_protect_lock));
1466
1467 if (avl_numnodes(&mcip->mci_v6_slaac_ip) >= slaac_max_allowed) {
1468 DTRACE_PROBE(limit__reached);
1469 return;
1470 }
1471
1472 if ((addr = kmem_zalloc(sizeof (slaac_addr_t),
1473 KM_NOSLEEP | KM_NORMALPRI)) == NULL)
1474 return;
1475
1476 bcopy(&po->nd_opt_pi_prefix, &addr->sla_prefix,
1477 sizeof (struct in6_addr));
1478
1479 if (!insert_slaac_ip(&mcip->mci_v6_slaac_ip, token, addr)) {
1480 kmem_free(addr, sizeof (slaac_addr_t));
1481 }
1482 }
1483
1484 static void
1485 intercept_prefix_info(mac_client_impl_t *mcip, nd_opt_prefix_info_t *po)
1486 {
1487 if (8 * po->nd_opt_pi_len != sizeof (nd_opt_prefix_info_t)) {
1488 DTRACE_PROBE(invalid__length);
1489 return;
1490 }
1491
1492 if (po->nd_opt_pi_prefix_len > 128) {
1493 DTRACE_PROBE(invalid__plen);
1494 return;
1495 }
1496
1497 if (IN6_IS_ADDR_LINKLOCAL(&po->nd_opt_pi_prefix)) {
1498 DTRACE_PROBE(link__local);
1499 return;
1500 }
1501
1502 if ((po->nd_opt_pi_flags_reserved & ND_OPT_PI_FLAG_AUTO) == 0)
1503 return;
1504
1505 mutex_enter(&mcip->mci_protect_lock);
1506 insert_slaac_prefix(mcip, po);
1507 mutex_exit(&mcip->mci_protect_lock);
1508 }
1509
1510 /*
1511 * If we receive a Router Advertisement carrying prefix information and
1512 * indicating that SLAAC should be performed, then track the prefix.
1513 */
1514 static void
1515 intercept_ra_inbound(mac_client_impl_t *mcip, ip6_t *ip6h, uchar_t *end,
1516 nd_router_advert_t *ra)
1517 {
1518 struct nd_opt_hdr *opt;
1519 int len, optlen;
1520
1521 if (ip6h->ip6_hlim != 255) {
1522 DTRACE_PROBE1(invalid__hoplimit, uint8_t, ip6h->ip6_hlim);
1523 return;
1524 }
1525
1526 len = ip6h->ip6_plen - sizeof (nd_router_advert_t);
1527 opt = (struct nd_opt_hdr *)&ra[1];
1528 while (len >= sizeof (struct nd_opt_hdr) &&
1529 ((uchar_t *)opt + sizeof (struct nd_opt_hdr)) <= end) {
1530 optlen = opt->nd_opt_len * 8;
1531
1532 if (optlen < sizeof (struct nd_opt_hdr) ||
1533 ((uchar_t *)opt + optlen) > end) {
1534 DTRACE_PROBE(invalid__length);
1535 return;
1536 }
1537
1538 if (opt->nd_opt_type == ND_OPT_PREFIX_INFORMATION) {
1539 intercept_prefix_info(mcip,
1540 (nd_opt_prefix_info_t *)opt);
1541 }
1542
1543 opt = (struct nd_opt_hdr *)((char *)opt + optlen);
1544 len -= optlen;
1545 }
1546 }
1547
1548 /*
1549 * Timer for cleaning up stale transactions.
1550 */
1551 static void
1552 txn_cleanup_timer(void *arg)
1553 {
1554 mac_client_impl_t *mcip = arg;
1555
1556 mutex_enter(&mcip->mci_protect_lock);
1557 if (mcip->mci_txn_cleanup_tid == 0) {
1558 /* do nothing if timer got cancelled */
1559 mutex_exit(&mcip->mci_protect_lock);
1560 return;
1561 }
1562 mcip->mci_txn_cleanup_tid = 0;
1563
1564 txn_cleanup_v4(mcip);
1565 txn_cleanup_v6(mcip);
1566
1567 /*
1568 * Restart timer if pending transactions still exist.
1569 */
1570 if (!avl_is_empty(&mcip->mci_v4_pending_txn) ||
1571 !avl_is_empty(&mcip->mci_v6_pending_txn)) {
1572 DTRACE_PROBE1(restarting__timer, mac_client_impl_t *, mcip);
1573
1574 mcip->mci_txn_cleanup_tid = timeout(txn_cleanup_timer, mcip,
1575 drv_usectohz(txn_cleanup_interval / (NANOSEC / MICROSEC)));
1576 }
1577 mutex_exit(&mcip->mci_protect_lock);
1578 }
1579
1580 static void
1581 start_txn_cleanup_timer(mac_client_impl_t *mcip)
1582 {
1583 ASSERT(MUTEX_HELD(&mcip->mci_protect_lock));
1584 if (mcip->mci_txn_cleanup_tid == 0) {
1585 mcip->mci_txn_cleanup_tid = timeout(txn_cleanup_timer, mcip,
1586 drv_usectohz(txn_cleanup_interval / (NANOSEC / MICROSEC)));
1587 }
1588 }
1589
1590 static void
1591 cancel_txn_cleanup_timer(mac_client_impl_t *mcip)
1592 {
1593 timeout_id_t tid;
1594
1595 ASSERT(MUTEX_HELD(&mcip->mci_protect_lock));
1596
1597 /*
1598 * This needs to be a while loop because the timer could get
1599 * rearmed during untimeout().
1600 */
1601 while ((tid = mcip->mci_txn_cleanup_tid) != 0) {
1602 mcip->mci_txn_cleanup_tid = 0;
1603 mutex_exit(&mcip->mci_protect_lock);
1604 (void) untimeout(tid);
1605 mutex_enter(&mcip->mci_protect_lock);
1606 }
1607 }
1608
1609 /*
1610 * Get the start/end pointers of an L3 packet and also do pullup if needed.
1611 * pulled-up packet needs to be freed by the caller.
1612 */
1613 static int
1614 get_l3_info(mblk_t *mp, size_t hdrsize, uchar_t **start, uchar_t **end,
1615 mblk_t **nmp)
1616 {
1617 uchar_t *s, *e;
1618 mblk_t *newmp = NULL;
1619
1620 /*
1621 * Pullup if necessary but reject packets that do not have
1622 * a proper mac header.
1623 */
1624 s = mp->b_rptr + hdrsize;
1625 e = mp->b_wptr;
1626
1627 if (s > mp->b_wptr)
1628 return (EINVAL);
1629
1630 if (!OK_32PTR(s) || mp->b_cont != NULL) {
1631 /*
1632 * Temporarily adjust mp->b_rptr to ensure proper
1633 * alignment of IP header in newmp.
1634 */
1635 DTRACE_PROBE1(pullup__needed, mblk_t *, mp);
1636
1637 mp->b_rptr += hdrsize;
1638 newmp = msgpullup(mp, -1);
1639 mp->b_rptr -= hdrsize;
1640
1641 if (newmp == NULL)
1642 return (ENOMEM);
1643
1644 s = newmp->b_rptr;
1645 e = newmp->b_wptr;
1646 }
1647
1648 *start = s;
1649 *end = e;
1650 *nmp = newmp;
1651 return (0);
1652 }
1653
1654 void
1655 mac_protect_intercept_dynamic_one(mac_client_impl_t *mcip, mblk_t *mp)
1656 {
1657 mac_impl_t *mip = mcip->mci_mip;
1658 uchar_t *start, *end;
1659 mblk_t *nmp = NULL;
1660 mac_header_info_t mhi;
1661 int err;
1662
1663 err = mac_vlan_header_info((mac_handle_t)mip, mp, &mhi);
1664 if (err != 0) {
1665 DTRACE_PROBE2(invalid__header, mac_client_impl_t *, mcip,
1666 mblk_t *, mp);
1667 return;
1668 }
1669
1670 err = get_l3_info(mp, mhi.mhi_hdrsize, &start, &end, &nmp);
1671 if (err != 0) {
1672 DTRACE_PROBE2(invalid__l3, mac_client_impl_t *, mcip,
1673 mblk_t *, mp);
1674 return;
1675 }
1676
1677 switch (mhi.mhi_bindsap) {
1678 case ETHERTYPE_IP: {
1679 struct dhcp *dh4;
1680 ipha_t *ipha = (ipha_t *)start;
1681
1682 if (start + sizeof (ipha_t) > end)
1683 return;
1684
1685 if (get_dhcpv4_info(ipha, end, &dh4) == 0) {
1686 intercept_dhcpv4_inbound(mcip, end, dh4);
1687 }
1688 break;
1689 }
1690 case ETHERTYPE_IPV6: {
1691 dhcpv6_message_t *dh6;
1692 nd_router_advert_t *ra;
1693 ip6_t *ip6h = (ip6_t *)start;
1694
1695 if (start + sizeof (ip6_t) > end)
1696 return;
1697
1698 if (get_dhcpv6_info(ip6h, end, &dh6) == 0) {
1699 intercept_dhcpv6_inbound(mcip, end, dh6);
1700 } else if (get_ra_info(ip6h, end, &ra) == 0) {
1701 intercept_ra_inbound(mcip, ip6h, end, ra);
1702 }
1703
1704 break;
1705 }
1706 }
1707 freemsg(nmp);
1708 }
1709
1710 void
1711 mac_protect_intercept_dynamic(mac_client_impl_t *mcip, mblk_t *mp)
1712 {
1713 /*
1714 * Skip checks if we are part of an aggr.
1715 */
1716 if ((mcip->mci_state_flags & MCIS_IS_AGGR_PORT) != 0)
1717 return;
1718
1719 for (; mp != NULL; mp = mp->b_next)
1720 mac_protect_intercept_dynamic_one(mcip, mp);
1721 }
1722
1723 void
1724 mac_protect_flush_dynamic(mac_client_impl_t *mcip)
1725 {
1726 mutex_enter(&mcip->mci_protect_lock);
1727 flush_dhcpv4(mcip);
1728 flush_dhcpv6(mcip);
1729 flush_slaac(mcip);
1730 mutex_exit(&mcip->mci_protect_lock);
1731 }
1732
1733 void
1734 mac_protect_cancel_timer(mac_client_impl_t *mcip)
1735 {
1736 mutex_enter(&mcip->mci_protect_lock);
1737 cancel_txn_cleanup_timer(mcip);
1738 mutex_exit(&mcip->mci_protect_lock);
1739 }
1740
1741 /*
1742 * Check if addr is in the 'allowed-ips' list.
1743 */
1744
1745 /* ARGSUSED */
1746 static boolean_t
1747 ipnospoof_check_v4(mac_client_impl_t *mcip, mac_protect_t *protect,
1748 ipaddr_t *addr)
1749 {
1750 uint_t i;
1751
1752 /*
1753 * The unspecified address is allowed.
1754 */
1755 if (*addr == INADDR_ANY)
1756 return (B_TRUE);
1757
1758 for (i = 0; i < protect->mp_ipaddrcnt; i++) {
1759 mac_ipaddr_t *v4addr = &protect->mp_ipaddrs[i];
1760
1761 if (v4addr->ip_version == IPV4_VERSION) {
1762 uint32_t mask;
1763
1764 /* LINTED E_SUSPICIOUS_COMPARISON */
1765 ASSERT(v4addr->ip_netmask >= 0 &&
1766 v4addr->ip_netmask <= 32);
1767 mask = 0xFFFFFFFFu << (32 - v4addr->ip_netmask);
1768 /*
1769 * Since we have a netmask we know this entry
1770 * signifies the entire subnet. Check if the
1771 * given address is on the subnet.
1772 */
1773 if (htonl(V4_PART_OF_V6(v4addr->ip_addr)) ==
1774 (htonl(*addr) & mask))
1775 return (B_TRUE);
1776 }
1777 }
1778 return (protect->mp_ipaddrcnt == 0 ?
1779 check_dhcpv4_dyn_ip(mcip, *addr) : B_FALSE);
1780 }
1781
1782 static boolean_t
1783 ipnospoof_check_v6(mac_client_impl_t *mcip, mac_protect_t *protect,
1784 in6_addr_t *addr)
1785 {
1786 uint_t i;
1787
1788 /*
1789 * The unspecified address and the v6 link local address are allowed.
1790 */
1791 if (IN6_IS_ADDR_UNSPECIFIED(addr) ||
1792 ((mcip->mci_protect_flags & MPT_FLAG_V6_LOCAL_ADDR_SET) != 0 &&
1793 IN6_ARE_ADDR_EQUAL(&mcip->mci_v6_local_addr, addr)))
1794 return (B_TRUE);
1795
1796
1797 for (i = 0; i < protect->mp_ipaddrcnt; i++) {
1798 mac_ipaddr_t *v6addr = &protect->mp_ipaddrs[i];
1799
1800 if (v6addr->ip_version == IPV6_VERSION &&
1801 /* LINTED E_SUSPICIOUS_COMPARISON */
1802 IN6_ARE_PREFIXEDADDR_EQUAL(&v6addr->ip_addr, addr,
1803 v6addr->ip_netmask))
1804 return (B_TRUE);
1805 }
1806
1807 if (protect->mp_ipaddrcnt == 0) {
1808 return (check_slaac_ip(mcip, addr) ||
1809 check_dhcpv6_dyn_ip(mcip, addr));
1810 } else {
1811 return (B_FALSE);
1812 }
1813 }
1814
1815 /*
1816 * Checks various fields within an IPv6 NDP packet.
1817 */
1818 static boolean_t
1819 ipnospoof_check_ndp(mac_client_impl_t *mcip, mac_protect_t *protect,
1820 ip6_t *ip6h, uchar_t *end)
1821 {
1822 icmp6_t *icmp_nd = (icmp6_t *)&ip6h[1];
1823 int hdrlen, optlen, opttype, len;
1824 uint_t addrlen, maclen;
1825 uint8_t type;
1826 nd_opt_hdr_t *opt;
1827 struct nd_opt_lla *lla = NULL;
1828
1829 /*
1830 * NDP packets do not have extension headers so the ICMPv6 header
1831 * must immediately follow the IPv6 header.
1832 */
1833 if (ip6h->ip6_nxt != IPPROTO_ICMPV6)
1834 return (B_TRUE);
1835
1836 /* ICMPv6 header missing */
1837 if ((uchar_t *)&icmp_nd[1] > end)
1838 return (B_FALSE);
1839
1840 len = end - (uchar_t *)icmp_nd;
1841 type = icmp_nd->icmp6_type;
1842
1843 switch (type) {
1844 case ND_ROUTER_SOLICIT:
1845 hdrlen = sizeof (nd_router_solicit_t);
1846 break;
1847 case ND_ROUTER_ADVERT:
1848 hdrlen = sizeof (nd_router_advert_t);
1849 break;
1850 case ND_NEIGHBOR_SOLICIT:
1851 hdrlen = sizeof (nd_neighbor_solicit_t);
1852 break;
1853 case ND_NEIGHBOR_ADVERT:
1854 hdrlen = sizeof (nd_neighbor_advert_t);
1855 break;
1856 case ND_REDIRECT:
1857 hdrlen = sizeof (nd_redirect_t);
1858 break;
1859 default:
1860 return (B_TRUE);
1861 }
1862
1863 if (len < hdrlen)
1864 return (B_FALSE);
1865
1866 /* SLLA option checking is needed for RS/RA/NS */
1867 opttype = ND_OPT_SOURCE_LINKADDR;
1868
1869 switch (type) {
1870 case ND_NEIGHBOR_ADVERT: {
1871 nd_neighbor_advert_t *na = (nd_neighbor_advert_t *)icmp_nd;
1872
1873 if (!ipnospoof_check_v6(mcip, protect, &na->nd_na_target)) {
1874 DTRACE_PROBE2(ndp__na__fail,
1875 mac_client_impl_t *, mcip, ip6_t *, ip6h);
1876 return (B_FALSE);
1877 }
1878
1879 /* TLLA option for NA */
1880 opttype = ND_OPT_TARGET_LINKADDR;
1881 break;
1882 }
1883 case ND_REDIRECT: {
1884 /* option checking not needed for RD */
1885 return (B_TRUE);
1886 }
1887 default:
1888 break;
1889 }
1890
1891 if (len == hdrlen) {
1892 /* no options, we're done */
1893 return (B_TRUE);
1894 }
1895 opt = (nd_opt_hdr_t *)((uchar_t *)icmp_nd + hdrlen);
1896 optlen = len - hdrlen;
1897
1898 /* find the option header we need */
1899 while (optlen > sizeof (nd_opt_hdr_t)) {
1900 if (opt->nd_opt_type == opttype) {
1901 lla = (struct nd_opt_lla *)opt;
1902 break;
1903 }
1904 optlen -= 8 * opt->nd_opt_len;
1905 opt = (nd_opt_hdr_t *)
1906 ((uchar_t *)opt + 8 * opt->nd_opt_len);
1907 }
1908 if (lla == NULL)
1909 return (B_TRUE);
1910
1911 addrlen = lla->nd_opt_lla_len * 8 - sizeof (nd_opt_hdr_t);
1912 maclen = mcip->mci_mip->mi_info.mi_addr_length;
1913
1914 if (addrlen != maclen ||
1915 bcmp(mcip->mci_unicast->ma_addr,
1916 lla->nd_opt_lla_hdw_addr, maclen) != 0) {
1917 DTRACE_PROBE2(ndp__lla__fail,
1918 mac_client_impl_t *, mcip, ip6_t *, ip6h);
1919 return (B_FALSE);
1920 }
1921
1922 DTRACE_PROBE2(ndp__lla__ok, mac_client_impl_t *, mcip, ip6_t *, ip6h);
1923 return (B_TRUE);
1924 }
1925
1926 /*
1927 * Enforce ip-nospoof protection.
1928 */
1929 static int
1930 ipnospoof_check(mac_client_impl_t *mcip, mac_protect_t *protect,
1931 mblk_t *mp, mac_header_info_t *mhip)
1932 {
1933 size_t hdrsize = mhip->mhi_hdrsize;
1934 uint32_t sap = mhip->mhi_bindsap;
1935 uchar_t *start, *end;
1936 mblk_t *nmp = NULL;
1937 int err;
1938
1939 err = get_l3_info(mp, hdrsize, &start, &end, &nmp);
1940 if (err != 0) {
1941 DTRACE_PROBE2(invalid__l3, mac_client_impl_t *, mcip,
1942 mblk_t *, mp);
1943 return (err);
1944 }
1945 err = EINVAL;
1946
1947 switch (sap) {
1948 case ETHERTYPE_IP: {
1949 ipha_t *ipha = (ipha_t *)start;
1950
1951 if (start + sizeof (ipha_t) > end)
1952 goto fail;
1953
1954 if (!ipnospoof_check_v4(mcip, protect, &ipha->ipha_src))
1955 goto fail;
1956
1957 if (!intercept_dhcpv4_outbound(mcip, ipha, end))
1958 goto fail;
1959 break;
1960 }
1961 case ETHERTYPE_ARP: {
1962 arh_t *arh = (arh_t *)start;
1963 uint32_t maclen, hlen, plen, arplen;
1964 ipaddr_t spaddr;
1965 uchar_t *shaddr;
1966
1967 if (start + sizeof (arh_t) > end)
1968 goto fail;
1969
1970 maclen = mcip->mci_mip->mi_info.mi_addr_length;
1971 hlen = arh->arh_hlen;
1972 plen = arh->arh_plen;
1973 if ((hlen != 0 && hlen != maclen) ||
1974 plen != sizeof (ipaddr_t))
1975 goto fail;
1976
1977 arplen = sizeof (arh_t) + 2 * hlen + 2 * plen;
1978 if (start + arplen > end)
1979 goto fail;
1980
1981 shaddr = start + sizeof (arh_t);
1982 if (hlen != 0 &&
1983 bcmp(mcip->mci_unicast->ma_addr, shaddr, maclen) != 0)
1984 goto fail;
1985
1986 bcopy(shaddr + hlen, &spaddr, sizeof (spaddr));
1987 if (!ipnospoof_check_v4(mcip, protect, &spaddr))
1988 goto fail;
1989 break;
1990 }
1991 case ETHERTYPE_IPV6: {
1992 ip6_t *ip6h = (ip6_t *)start;
1993
1994 if (start + sizeof (ip6_t) > end)
1995 goto fail;
1996
1997 if (!ipnospoof_check_v6(mcip, protect, &ip6h->ip6_src))
1998 goto fail;
1999
2000 if (!ipnospoof_check_ndp(mcip, protect, ip6h, end))
2001 goto fail;
2002
2003 if (!intercept_dhcpv6_outbound(mcip, ip6h, end))
2004 goto fail;
2005 break;
2006 }
2007 }
2008 freemsg(nmp);
2009 return (0);
2010
2011 fail:
2012 freemsg(nmp);
2013 return (err);
2014 }
2015
2016 static boolean_t
2017 dhcpnospoof_check_cid(mac_protect_t *p, uchar_t *cid, uint_t cidlen)
2018 {
2019 int i;
2020
2021 for (i = 0; i < p->mp_cidcnt; i++) {
2022 mac_dhcpcid_t *dcid = &p->mp_cids[i];
2023
2024 if (dcid->dc_len == cidlen &&
2025 bcmp(dcid->dc_id, cid, cidlen) == 0)
2026 return (B_TRUE);
2027 }
2028 return (B_FALSE);
2029 }
2030
2031 static boolean_t
2032 dhcpnospoof_check_v4(mac_client_impl_t *mcip, mac_protect_t *p,
2033 ipha_t *ipha, uchar_t *end)
2034 {
2035 struct dhcp *dh4;
2036 uchar_t *cid;
2037 uint_t maclen, cidlen = 0;
2038 uint8_t optlen;
2039 int err;
2040
2041 if ((err = get_dhcpv4_info(ipha, end, &dh4)) != 0)
2042 return (err == EINVAL);
2043
2044 maclen = mcip->mci_mip->mi_info.mi_addr_length;
2045 if (dh4->hlen == maclen &&
2046 bcmp(mcip->mci_unicast->ma_addr, dh4->chaddr, maclen) != 0) {
2047 return (B_FALSE);
2048 }
2049 if (get_dhcpv4_option(dh4, end, CD_CLIENT_ID, &cid, &optlen) == 0)
2050 cidlen = optlen;
2051
2052 if (cidlen == 0)
2053 return (B_TRUE);
2054
2055 if (*cid == ARPHRD_ETHER && cidlen - 1 == maclen &&
2056 bcmp(mcip->mci_unicast->ma_addr, cid + 1, maclen) == 0)
2057 return (B_TRUE);
2058
2059 return (dhcpnospoof_check_cid(p, cid, cidlen));
2060 }
2061
2062 static boolean_t
2063 dhcpnospoof_check_v6(mac_client_impl_t *mcip, mac_protect_t *p,
2064 ip6_t *ip6h, uchar_t *end)
2065 {
2066 dhcpv6_message_t *dh6;
2067 dhcpv6_option_t *d6o;
2068 uint8_t mtype;
2069 uchar_t *cid, *lladdr = NULL;
2070 uint_t cidlen, maclen, addrlen = 0;
2071 uint16_t cidtype;
2072 int err;
2073
2074 if ((err = get_dhcpv6_info(ip6h, end, &dh6)) != 0)
2075 return (err == EINVAL);
2076
2077 /*
2078 * We only check client-generated messages.
2079 */
2080 mtype = dh6->d6m_msg_type;
2081 if (mtype == DHCPV6_MSG_ADVERTISE || mtype == DHCPV6_MSG_REPLY ||
2082 mtype == DHCPV6_MSG_RECONFIGURE)
2083 return (B_TRUE);
2084
2085 d6o = get_dhcpv6_option(&dh6[1], end - (uchar_t *)&dh6[1], NULL,
2086 DHCPV6_OPT_CLIENTID, &cidlen);
2087 if (d6o == NULL || (uchar_t *)d6o + cidlen > end)
2088 return (B_TRUE);
2089
2090 cid = (uchar_t *)&d6o[1];
2091 cidlen -= sizeof (*d6o);
2092 if (cidlen < sizeof (cidtype))
2093 return (B_TRUE);
2094
2095 bcopy(cid, &cidtype, sizeof (cidtype));
2096 cidtype = ntohs(cidtype);
2097 if (cidtype == DHCPV6_DUID_LLT && cidlen >= sizeof (duid_llt_t)) {
2098 lladdr = cid + sizeof (duid_llt_t);
2099 addrlen = cidlen - sizeof (duid_llt_t);
2100 }
2101 if (cidtype == DHCPV6_DUID_LL && cidlen >= sizeof (duid_ll_t)) {
2102 lladdr = cid + sizeof (duid_ll_t);
2103 addrlen = cidlen - sizeof (duid_ll_t);
2104 }
2105 maclen = mcip->mci_mip->mi_info.mi_addr_length;
2106 if (lladdr != NULL && addrlen == maclen &&
2107 bcmp(mcip->mci_unicast->ma_addr, lladdr, maclen) == 0) {
2108 return (B_TRUE);
2109 }
2110 return (dhcpnospoof_check_cid(p, cid, cidlen));
2111 }
2112
2113 /*
2114 * Enforce dhcp-nospoof protection.
2115 */
2116 static int
2117 dhcpnospoof_check(mac_client_impl_t *mcip, mac_protect_t *protect,
2118 mblk_t *mp, mac_header_info_t *mhip)
2119 {
2120 size_t hdrsize = mhip->mhi_hdrsize;
2121 uint32_t sap = mhip->mhi_bindsap;
2122 uchar_t *start, *end;
2123 mblk_t *nmp = NULL;
2124 int err;
2125
2126 err = get_l3_info(mp, hdrsize, &start, &end, &nmp);
2127 if (err != 0) {
2128 DTRACE_PROBE2(invalid__l3, mac_client_impl_t *, mcip,
2129 mblk_t *, mp);
2130 return (err);
2131 }
2132 err = EINVAL;
2133
2134 switch (sap) {
2135 case ETHERTYPE_IP: {
2136 ipha_t *ipha = (ipha_t *)start;
2137
2138 if (start + sizeof (ipha_t) > end)
2139 goto fail;
2140
2141 if (!dhcpnospoof_check_v4(mcip, protect, ipha, end))
2142 goto fail;
2143
2144 break;
2145 }
2146 case ETHERTYPE_IPV6: {
2147 ip6_t *ip6h = (ip6_t *)start;
2148
2149 if (start + sizeof (ip6_t) > end)
2150 goto fail;
2151
2152 if (!dhcpnospoof_check_v6(mcip, protect, ip6h, end))
2153 goto fail;
2154
2155 break;
2156 }
2157 }
2158 freemsg(nmp);
2159 return (0);
2160
2161 fail:
2162 /* increment dhcpnospoof stat here */
2163 freemsg(nmp);
2164 return (err);
2165 }
2166
2167 /*
2168 * This is called whenever the mac client's mac address changes, to make sure
2169 * we allow use of the new link-local address.
2170 */
2171 static void
2172 mac_protect_update_v6_local_addr(mac_client_impl_t *mcip)
2173 {
2174 uint_t i;
2175 in6_addr_t *token = &mcip->mci_v6_mac_token;
2176 in6_addr_t *v6addr = &mcip->mci_v6_local_addr;
2177 in6_addr_t ll_template = IN6ADDR_INITIALIZER(V6_LINKLOCAL, 0x0,
2178 0x0, 0x0);
2179
2180 for (i = 0; i < 4; i++) {
2181 v6addr->s6_addr32[i] = token->s6_addr32[i] |
2182 ll_template.s6_addr32[i];
2183 }
2184 mcip->mci_protect_flags |= MPT_FLAG_V6_LOCAL_ADDR_SET;
2185 }
2186
2187 /*
2188 * This is called whenever the mac client's mac address changes, to make sure
2189 * that any existing addresses gained via SLAAC are appropriately updated.
2190 */
2191 static void
2192 mac_protect_update_v6_slaac_addr(mac_client_impl_t *mcip)
2193 {
2194 void *cookie = NULL;
2195 avl_tree_t temp_tree;
2196 avl_tree_t *ttp = &temp_tree, *sip = &mcip->mci_v6_slaac_ip;
2197 in6_addr_t *token = &mcip->mci_v6_mac_token;
2198 slaac_addr_t *addr = NULL;
2199
2200 avl_create(ttp, compare_slaac_ip, sizeof (slaac_addr_t),
2201 offsetof(slaac_addr_t, sla_node));
2202
2203 /* Copy everything over to the temporary tree, and fix the IP address */
2204 while ((addr = avl_destroy_nodes(sip, &cookie)) != NULL) {
2205 VERIFY(insert_slaac_ip(ttp, token, addr) == B_TRUE);
2206 }
2207
2208 /*
2209 * Now that the tempory tree has all of the modified addresses, we can
2210 * swap them over to the original tree once it's reset.
2211 */
2212 avl_destroy(sip);
2213 avl_create(sip, compare_slaac_ip, sizeof (slaac_addr_t),
2214 offsetof(slaac_addr_t, sla_node));
2215 avl_swap(ttp, sip);
2216 }
2217
2218 /*
2219 * After the unicast MAC address changes, we need to update the derived token,
2220 * and update the IPv6 addresses that use the token.
2221 */
2222 void
2223 mac_protect_update_mac_token(mac_client_impl_t *mcip)
2224 {
2225 uint_t media = mcip->mci_mip->mi_info.mi_media;
2226 uint8_t *p, *macaddr = mcip->mci_unicast->ma_addr;
2227 in6_addr_t *token = &mcip->mci_v6_mac_token;
2228
2229 bzero(token, sizeof (in6_addr_t));
2230 p = (uint8_t *)&token->s6_addr32[2];
2231
2232 switch (media) {
2233 case DL_ETHER:
2234 bcopy(macaddr, p, 3);
2235 p[0] ^= 0x2;
2236 p[3] = 0xff;
2237 p[4] = 0xfe;
2238 bcopy(macaddr + 3, p + 5, 3);
2239 break;
2240 case DL_IB:
2241 ASSERT(mcip->mci_mip->mi_info.mi_addr_length == 20);
2242 bcopy(macaddr + 12, p, 8);
2243 p[0] |= 2;
2244 break;
2245 default:
2246 /*
2247 * We do not need to generate the local address for link types
2248 * that do not support link protection. Wifi pretends to be
2249 * Ethernet so it is covered by the DL_ETHER case (note the
2250 * use of mi_media instead of mi_nativemedia).
2251 */
2252 return;
2253 }
2254
2255 mac_protect_update_v6_local_addr(mcip);
2256 mac_protect_update_v6_slaac_addr(mcip);
2257 }
2258
2259
2260
2261 /*
2262 * Enforce link protection on one packet.
2263 */
2264 static int
2265 mac_protect_check_one(mac_client_impl_t *mcip, mblk_t *mp)
2266 {
2267 mac_impl_t *mip = mcip->mci_mip;
2268 mac_resource_props_t *mrp = MCIP_RESOURCE_PROPS(mcip);
2269 mac_protect_t *protect;
2270 mac_header_info_t mhi;
2271 uint32_t types;
2272 int err;
2273
2274 ASSERT(mp->b_next == NULL);
2275 ASSERT(mrp != NULL);
2276
2277 err = mac_vlan_header_info((mac_handle_t)mip, mp, &mhi);
2278 if (err != 0) {
2279 DTRACE_PROBE2(invalid__header, mac_client_impl_t *, mcip,
2280 mblk_t *, mp);
2281 return (err);
2282 }
2283 protect = &mrp->mrp_protect;
2284 types = protect->mp_types;
2285
2286 if ((types & MPT_MACNOSPOOF) != 0) {
2287 if (mhi.mhi_saddr != NULL &&
2288 bcmp(mcip->mci_unicast->ma_addr, mhi.mhi_saddr,
2289 mip->mi_info.mi_addr_length) != 0) {
2290 BUMP_STAT(mcip, macspoofed);
2291 DTRACE_PROBE2(mac__nospoof__fail,
2292 mac_client_impl_t *, mcip, mblk_t *, mp);
2293 return (EINVAL);
2294 }
2295 }
2296 if ((types & MPT_RESTRICTED) != 0) {
2297 uint32_t vid = VLAN_ID(mhi.mhi_tci);
2298 uint32_t sap = mhi.mhi_bindsap;
2299
2300 /*
2301 * ETHERTYPE_VLAN packets are allowed through, provided that
2302 * the vid is not spoofed.
2303 */
2304 if (vid != 0 && !mac_client_check_flow_vid(mcip, vid)) {
2305 BUMP_STAT(mcip, restricted);
2306 DTRACE_PROBE2(restricted__vid__invalid,
2307 mac_client_impl_t *, mcip, mblk_t *, mp);
2308 return (EINVAL);
2309 }
2310
2311 if (sap != ETHERTYPE_IP && sap != ETHERTYPE_IPV6 &&
2312 sap != ETHERTYPE_ARP) {
2313 BUMP_STAT(mcip, restricted);
2314 DTRACE_PROBE2(restricted__fail,
2315 mac_client_impl_t *, mcip, mblk_t *, mp);
2316 return (EINVAL);
2317 }
2318 }
2319 if ((types & MPT_IPNOSPOOF) != 0) {
2320 if ((err = ipnospoof_check(mcip, protect, mp, &mhi)) != 0) {
2321 BUMP_STAT(mcip, ipspoofed);
2322 DTRACE_PROBE2(ip__nospoof__fail,
2323 mac_client_impl_t *, mcip, mblk_t *, mp);
2324 return (err);
2325 }
2326 }
2327 if ((types & MPT_DHCPNOSPOOF) != 0) {
2328 if ((err = dhcpnospoof_check(mcip, protect, mp, &mhi)) != 0) {
2329 BUMP_STAT(mcip, dhcpspoofed);
2330 DTRACE_PROBE2(dhcp__nospoof__fail,
2331 mac_client_impl_t *, mcip, mblk_t *, mp);
2332 return (err);
2333 }
2334 }
2335 return (0);
2336 }
2337
2338 /*
2339 * Enforce link protection on a packet chain.
2340 * Packets that pass the checks are returned back to the caller.
2341 */
2342 mblk_t *
2343 mac_protect_check(mac_client_handle_t mch, mblk_t *mp)
2344 {
2345 mac_client_impl_t *mcip = (mac_client_impl_t *)mch;
2346 mblk_t *ret_mp = NULL, **tailp = &ret_mp, *next;
2347
2348 /*
2349 * Skip checks if we are part of an aggr.
2350 */
2351 if ((mcip->mci_state_flags & MCIS_IS_AGGR_PORT) != 0)
2352 return (mp);
2353
2354 for (; mp != NULL; mp = next) {
2355 next = mp->b_next;
2356 mp->b_next = NULL;
2357
2358 if (mac_protect_check_one(mcip, mp) == 0) {
2359 *tailp = mp;
2360 tailp = &mp->b_next;
2361 } else {
2362 freemsg(mp);
2363 }
2364 }
2365 return (ret_mp);
2366 }
2367
2368 /*
2369 * Check if a particular protection type is enabled.
2370 */
2371 boolean_t
2372 mac_protect_enabled(mac_client_handle_t mch, uint32_t type)
2373 {
2374 return (MAC_PROTECT_ENABLED((mac_client_impl_t *)mch, type));
2375 }
2376
2377 static int
2378 validate_ips(mac_protect_t *p)
2379 {
2380 uint_t i, j;
2381
2382 if (p->mp_ipaddrcnt == MPT_RESET)
2383 return (0);
2384
2385 if (p->mp_ipaddrcnt > MPT_MAXIPADDR)
2386 return (EINVAL);
2387
2388 for (i = 0; i < p->mp_ipaddrcnt; i++) {
2389 mac_ipaddr_t *addr = &p->mp_ipaddrs[i];
2390
2391 /*
2392 * The unspecified address is implicitly allowed so there's no
2393 * need to add it to the list. Also, validate that the netmask,
2394 * if any, is sane for the specific version of IP. A mask of
2395 * some kind is always required.
2396 */
2397 if (addr->ip_netmask == 0)
2398 return (EINVAL);
2399
2400 if (addr->ip_version == IPV4_VERSION) {
2401 if (V4_PART_OF_V6(addr->ip_addr) == INADDR_ANY)
2402 return (EINVAL);
2403 if (addr->ip_netmask > 32)
2404 return (EINVAL);
2405 } else if (addr->ip_version == IPV6_VERSION) {
2406 if (IN6_IS_ADDR_UNSPECIFIED(&addr->ip_addr))
2407 return (EINVAL);
2408
2409 if (IN6_IS_ADDR_V4MAPPED_ANY(&addr->ip_addr))
2410 return (EINVAL);
2411
2412 if (addr->ip_netmask > 128)
2413 return (EINVAL);
2414 } else {
2415 /* invalid ip version */
2416 return (EINVAL);
2417 }
2418
2419 for (j = 0; j < p->mp_ipaddrcnt; j++) {
2420 mac_ipaddr_t *addr1 = &p->mp_ipaddrs[j];
2421
2422 if (i == j || addr->ip_version != addr1->ip_version)
2423 continue;
2424
2425 /* found a duplicate */
2426 if ((addr->ip_version == IPV4_VERSION &&
2427 V4_PART_OF_V6(addr->ip_addr) ==
2428 V4_PART_OF_V6(addr1->ip_addr)) ||
2429 IN6_ARE_ADDR_EQUAL(&addr->ip_addr,
2430 &addr1->ip_addr))
2431 return (EINVAL);
2432 }
2433 }
2434 return (0);
2435 }
2436
2437 /* ARGSUSED */
2438 static int
2439 validate_cids(mac_protect_t *p)
2440 {
2441 uint_t i, j;
2442
2443 if (p->mp_cidcnt == MPT_RESET)
2444 return (0);
2445
2446 if (p->mp_cidcnt > MPT_MAXCID)
2447 return (EINVAL);
2448
2449 for (i = 0; i < p->mp_cidcnt; i++) {
2450 mac_dhcpcid_t *cid = &p->mp_cids[i];
2451
2452 if (cid->dc_len > MPT_MAXCIDLEN ||
2453 (cid->dc_form != CIDFORM_TYPED &&
2454 cid->dc_form != CIDFORM_HEX &&
2455 cid->dc_form != CIDFORM_STR))
2456 return (EINVAL);
2457
2458 for (j = 0; j < p->mp_cidcnt; j++) {
2459 mac_dhcpcid_t *cid1 = &p->mp_cids[j];
2460
2461 if (i == j || cid->dc_len != cid1->dc_len)
2462 continue;
2463
2464 /* found a duplicate */
2465 if (bcmp(cid->dc_id, cid1->dc_id, cid->dc_len) == 0)
2466 return (EINVAL);
2467 }
2468 }
2469 return (0);
2470 }
2471
2472 /*
2473 * Sanity-checks parameters given by userland.
2474 */
2475 int
2476 mac_protect_validate(mac_resource_props_t *mrp)
2477 {
2478 mac_protect_t *p = &mrp->mrp_protect;
2479 int err;
2480
2481 /* check for invalid types */
2482 if (p->mp_types != MPT_RESET && (p->mp_types & ~MPT_ALL) != 0)
2483 return (EINVAL);
2484
2485 if ((err = validate_ips(p)) != 0)
2486 return (err);
2487
2488 if ((err = validate_cids(p)) != 0)
2489 return (err);
2490
2491 return (0);
2492 }
2493
2494 /*
2495 * Enable/disable link protection.
2496 */
2497 int
2498 mac_protect_set(mac_client_handle_t mch, mac_resource_props_t *mrp)
2499 {
2500 mac_client_impl_t *mcip = (mac_client_impl_t *)mch;
2501 mac_impl_t *mip = mcip->mci_mip;
2502 uint_t media = mip->mi_info.mi_nativemedia;
2503 int err;
2504
2505 ASSERT(MAC_PERIM_HELD((mac_handle_t)mip));
2506
2507 /* tunnels are not supported */
2508 if (media == DL_IPV4 || media == DL_IPV6 || media == DL_6TO4)
2509 return (ENOTSUP);
2510
2511 if ((err = mac_protect_validate(mrp)) != 0)
2512 return (err);
2513
2514 if (err != 0)
2515 return (err);
2516
2517 mac_update_resources(mrp, MCIP_RESOURCE_PROPS(mcip), B_FALSE);
2518 i_mac_notify(((mcip->mci_state_flags & MCIS_IS_VNIC) != 0 ?
2519 mcip->mci_upper_mip : mip), MAC_NOTE_ALLOWED_IPS);
2520 return (0);
2521 }
2522
2523 void
2524 mac_protect_update(mac_resource_props_t *new, mac_resource_props_t *curr)
2525 {
2526 mac_protect_t *np = &new->mrp_protect;
2527 mac_protect_t *cp = &curr->mrp_protect;
2528 uint32_t types = np->mp_types;
2529
2530 if (types == MPT_RESET) {
2531 cp->mp_types = 0;
2532 curr->mrp_mask &= ~MRP_PROTECT;
2533 } else {
2534 if (types != 0) {
2535 cp->mp_types = types;
2536 curr->mrp_mask |= MRP_PROTECT;
2537 }
2538 }
2539 if (np->mp_ipaddrcnt != 0) {
2540 if (np->mp_ipaddrcnt <= MPT_MAXIPADDR) {
2541 bcopy(np->mp_ipaddrs, cp->mp_ipaddrs,
2542 sizeof (cp->mp_ipaddrs));
2543 cp->mp_ipaddrcnt = np->mp_ipaddrcnt;
2544 } else if (np->mp_ipaddrcnt == MPT_RESET) {
2545 bzero(cp->mp_ipaddrs, sizeof (cp->mp_ipaddrs));
2546 cp->mp_ipaddrcnt = 0;
2547 }
2548 }
2549 if (np->mp_cidcnt != 0) {
2550 if (np->mp_cidcnt <= MPT_MAXCID) {
2551 bcopy(np->mp_cids, cp->mp_cids, sizeof (cp->mp_cids));
2552 cp->mp_cidcnt = np->mp_cidcnt;
2553 } else if (np->mp_cidcnt == MPT_RESET) {
2554 bzero(cp->mp_cids, sizeof (cp->mp_cids));
2555 cp->mp_cidcnt = 0;
2556 }
2557 }
2558 }
2559
2560 void
2561 mac_protect_init(mac_client_impl_t *mcip)
2562 {
2563 mutex_init(&mcip->mci_protect_lock, NULL, MUTEX_DRIVER, NULL);
2564 mcip->mci_protect_flags = 0;
2565 mcip->mci_txn_cleanup_tid = 0;
2566 avl_create(&mcip->mci_v4_pending_txn, compare_dhcpv4_xid,
2567 sizeof (dhcpv4_txn_t), offsetof(dhcpv4_txn_t, dt_node));
2568 avl_create(&mcip->mci_v4_completed_txn, compare_dhcpv4_cid,
2569 sizeof (dhcpv4_txn_t), offsetof(dhcpv4_txn_t, dt_node));
2570 avl_create(&mcip->mci_v4_dyn_ip, compare_dhcpv4_ip,
2571 sizeof (dhcpv4_txn_t), offsetof(dhcpv4_txn_t, dt_ipnode));
2572 avl_create(&mcip->mci_v6_pending_txn, compare_dhcpv6_xid,
2573 sizeof (dhcpv6_txn_t), offsetof(dhcpv6_txn_t, dt_node));
2574 avl_create(&mcip->mci_v6_cid, compare_dhcpv6_cid,
2575 sizeof (dhcpv6_cid_t), offsetof(dhcpv6_cid_t, dc_node));
2576 avl_create(&mcip->mci_v6_dyn_ip, compare_dhcpv6_ip,
2577 sizeof (dhcpv6_addr_t), offsetof(dhcpv6_addr_t, da_node));
2578 avl_create(&mcip->mci_v6_slaac_ip, compare_slaac_ip,
2579 sizeof (slaac_addr_t), offsetof(slaac_addr_t, sla_node));
2580
2581 if (mcip->mci_state_flags & MCIS_IS_VNIC)
2582 mcip->mci_protect_flags |= MPT_FLAG_PROMISC_FILTERED;
2583 }
2584
2585 void
2586 mac_protect_fini(mac_client_impl_t *mcip)
2587 {
2588 avl_destroy(&mcip->mci_v6_dyn_ip);
2589 avl_destroy(&mcip->mci_v6_cid);
2590 avl_destroy(&mcip->mci_v6_pending_txn);
2591 avl_destroy(&mcip->mci_v4_dyn_ip);
2592 avl_destroy(&mcip->mci_v4_completed_txn);
2593 avl_destroy(&mcip->mci_v4_pending_txn);
2594 avl_destroy(&mcip->mci_v6_slaac_ip);
2595 mcip->mci_txn_cleanup_tid = 0;
2596 mcip->mci_protect_flags = 0;
2597 mutex_destroy(&mcip->mci_protect_lock);
2598 }
2599
2600 static boolean_t
2601 allowed_ips_set(mac_resource_props_t *mrp, uint32_t af)
2602 {
2603 int i;
2604
2605 for (i = 0; i < mrp->mrp_protect.mp_ipaddrcnt; i++) {
2606 if (mrp->mrp_protect.mp_ipaddrs[i].ip_version == af)
2607 return (B_TRUE);
2608 }
2609 return (B_FALSE);
2610 }
2611
2612 mac_protect_t *
2613 mac_protect_get(mac_handle_t mh)
2614 {
2615 mac_impl_t *mip = (mac_impl_t *)mh;
2616
2617 return (&mip->mi_resource_props.mrp_protect);
2618 }